GSM Tech (was: Re: Is GSM a blackbox in OpenMoko)

Steve openmokolists at
Sat Dec 15 00:48:22 CET 2007

Let me see if I can help out a bit.  Maybe I can stem the tide of GSM
tech questions.  As I'm much more knowledgeable about AMPS than GSM,
feel free to correct me, give me a hard time, or whatever.

On government regulations/controls:

Many world governments regulate the sale of radio transmitters in order
to prevent the spectrum in their area from becoming cluttered and
useless.  This is usually in addition to requiring licenses in order to
transmit on specific frequencies, and done in order to cut down on both
willful and inadvertent unlicensed transmissions.

It boils down to this:  If any fool can easily get a radio capable of
transmitting on a certain frequency, some fool will use it to do so.

The GSM Modem as a black box:

From my understanding of the NEO 1973, the GSM modem is roughly
analogous to a computer modem from the past.  (Not the cheap "winmodems"
that are so abundant these days.)  It is connected via a serial
connection to the portion that runs open software and communicates over
the GSM network.  TI has provided a set of "AT" commands to perform a
limited subset of the functionality that the modem is capable of.  If
you want to use more advanced or unintended functionality, you'll have
to figure out how to do that on your own.

This is done intentionally out of both compliance with the
regulations/controls of various world governments, and paranoia about
super secret IP on the part of TI.  While this prevents us from doing
potentially interesting and useful things, it also prevents fools from
trampling your signal while you're trying to legitimately use the GSM

The SIM card:

The SIM card in a GSM phone serves as a physical authentication token
for your account.  That is, your phone number is tied to the SIM card.
In other cellular systems, your phone number is tied to the individual

In both cases, the device which the phone number is tied to is supposed
to be impossible to clone or copy.  While it's not possible to actually
make the device impossible to clone, it can be made illegal and hard to
do.  Since this is illegal in most places, it is not supported to copy
or function with a known copy of the SIM card.  This capability would
also make the NEO 1973 illegal in many places.
I believe the SIM card is directly connected to the GSM modem in the NEO
1973.  If this is not the case, someone please correct me.

The government regulations concerning the GSM modem are not there due to
privacy protection or the ability to "tap" the phone.  Privacy in the
GSM network is provided through the use of encryption.  The encryption
algorithms used, however, appear to contain significant weaknesses (some
of them possibly intentional) and shouldn't be relied upon.

"Tapping" into your phone calls is much more easily done by the carrier
at the behest of the government.  Some of the weakness in the encryption
algorithms used is theorized to be for the purposes of government
interception.  It is theoretically possible that the software in the GSM
modem could be made to transmit encryption keys to others.  However if
that were the case I would suspect it would have been discovered by now
by the unlockers who routinely disassemble the firmware that GSM modems
are running.

I understand that government regulations are hindering progress in the
area of software defined radios.  This is a shame, as the technology is
flexible and promising.
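The post describes the GSM modem as a black box reached over a serial link and driven by a limited set of "AT" commands, with anything outside that set simply unsupported. The following is an added example, not code from the post or from the OpenMoko project, showing the framing a host-side program has to handle on that link: an echoed command, zero or more information lines, and a final result code (OK, ERROR, or a +CME/+CMS ERROR line). The transcripts are constructed byte strings in the style of 3GPP TS 27.007, not captured from a NEO 1973; the +CSQ conversion (RSSI 0..31 maps to -113..-51 dBm in 2 dB steps, 99 means unknown) is the standard one from that specification. From a defender's standpoint the point is that the application processor sees nothing but these lines, so a parser should stop at the final result code, keep unknown lines as opaque data rather than guessing at them, and report an unsupported command as an error instead of silently succeeding.

```python
"""Parse AT command responses from a GSM modem's serial link (added example).

The modem is treated as a black box: we only interpret the documented
framing (echo, information lines, final result code) and never assume
a command succeeded unless the modem says OK.
"""
import re
from typing import Optional

# Final result codes that end a response block (3GPP TS 27.007 style).
FINAL_ERROR_PREFIXES = ("ERROR", "+CME ERROR:", "+CMS ERROR:")


def parse_at_response(raw: bytes, command: Optional[str] = None) -> dict:
    """Split one response block into echo, information lines and result.

    Raises ValueError if no final result code is present, so a truncated
    or garbled read is never mistaken for success.
    """
    text = raw.decode("ascii", errors="replace")
    lines = [ln.strip() for ln in text.split("\r\n") if ln.strip()]
    result = {"command": command, "info": [], "final": None, "error": None}
    for ln in lines:
        if command is not None and ln == command:
            continue  # the modem echoed our command back; not data
        if ln == "OK":
            result["final"] = "OK"
            break
        if ln.startswith(FINAL_ERROR_PREFIXES):
            result["final"] = "ERROR"
            result["error"] = ln
            break
        # Anything else is an information line; keep it verbatim.
        result["info"].append(ln)
    if result["final"] is None:
        raise ValueError("response has no final result code (truncated read?)")
    return result


def parse_csq(info_line: str) -> tuple:
    """Decode a '+CSQ: <rssi>,<ber>' line into (rssi, ber, dBm or None)."""
    m = re.fullmatch(r"\+CSQ: (\d+),(\d+)", info_line)
    if m is None:
        raise ValueError(f"not a +CSQ line: {info_line!r}")
    rssi, ber = int(m.group(1)), int(m.group(2))
    # 99 means "not known or not detectable"; otherwise 2 dB steps from -113.
    dbm = None if rssi == 99 else -113 + 2 * rssi
    return rssi, ber, dbm


# Constructed sample transcripts, as the host would read them off the serial
# port after writing "AT+CSQ\r" and then an unsupported "AT+XYZ\r".
SAMPLE_CSQ = b"AT+CSQ\r\n\r\n+CSQ: 20,99\r\n\r\nOK\r\n"
SAMPLE_UNSUPPORTED = b"AT+XYZ\r\n\r\nERROR\r\n"
SAMPLE_TRUNCATED = b"AT+CSQ\r\n\r\n+CSQ: 20,99\r\n"  # link dropped before OK


def signal_strength_dbm(raw: bytes) -> Optional[int]:
    """Run the full path: parse the block, then decode the +CSQ line."""
    parsed = parse_at_response(raw, "AT+CSQ")
    if parsed["final"] != "OK":
        raise RuntimeError(f"modem rejected AT+CSQ: {parsed['error']}")
    return parse_csq(parsed["info"][0])[2]


if __name__ == "__main__":
    print("AT+CSQ ->", parse_at_response(SAMPLE_CSQ, "AT+CSQ"))
    print("signal:", signal_strength_dbm(SAMPLE_CSQ), "dBm")
    print("AT+XYZ ->", parse_at_response(SAMPLE_UNSUPPORTED, "AT+XYZ"))
```

The `SAMPLE_TRUNCATED` transcript shows the failure mode worth handling on a real serial link: a read that ends before the final result code is not a success, and `parse_at_response` raises rather than returning partial data.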